Jump to content

Recommended Posts

Hackers brute forced my test account  that i created recently and got in through RDP, they encrypted all files on main business PC. Files have been renamed to filename.id-xxxxxxxxxxxxxx_[[email protected]].b1m74

When I compare files sizes of original file and encrypted file they are the same size. When i upload these to id ransomware website they say it is a Cry36 and Dharma ( dharma comes from the email used, so not sure if thats correct)

Now from what i have read, the cry36 usually has 36 bytes different in file size, so isnt that what defines the cry36 encryption? How can my encryption type be called Cry36 if it has 0 size difference? Can this be a whole new Variant of Cry family?

Can a professional elaborate on this?

I have included a zip with both files original and encrypted and the note.


### DECRYPT MY FILES ###.txt


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Create New...